How does password strength policy work in Plesk?

Follow

Comments

7 comments

  • Avatar
    Peter Wise

    Please consider implementing Dropbox's password strength library in future versions of plesk. https://github.com/dropbox/zxcvbn

    Right now (Plesk Onyx Version 17.8.11) very secure passwords such as applaud-bisque-batch-forefoot won't even pass the "medium" filter, and very bad passwords such as Pa$$word123 are marked "Strong".

    Brute force cracking continues to get more sophisticated and the current strength ratings are misleading.

    0
    Comment actions Permalink
  • Avatar
    Ivan Postnikov

    Hello @Peter,

    Thank you for sharing your idea. I have created a feature suggestion.

    The top-rated features will be implemented in next Plesk updates.

    0
    Comment actions Permalink
  • Avatar
    EFTHIMIOS SIDERIS (Edited )

    Plesk REST API fails to create ftp user with some ftp_password e.g. b&3$0BRldB~1 with message: "Do not use quotes, space and national alphabet characters in a password. The password length should be from 5 to 14 characters in length, and it should not contain the username."

    while there is no problem using the same password through dashboard.

    Am I doing something wrong or is a bug?

    Plesk Obsidian Web Host Edition
    Version 18.0.27

    0
    Comment actions Permalink
  • Avatar
    Renan Genova Ferreira

    Hello, EFTHIMIOS SIDERIS!

    Can you please tell the OS version you have Plesk Installed?

    Thank you

    0
    Comment actions Permalink
  • Avatar
    EFTHIMIOS SIDERIS

    Hello,

    OS is: CentOS Linux 8.1.1911

    0
    Comment actions Permalink
  • Avatar
    EFTHIMIOS SIDERIS

    Hello again,

    Nobody can answer?

    Thank you

    0
    Comment actions Permalink
  • Avatar
    Anton Maslov

    Hello,

    Unfortunately there is nothing we can suggest based on the provided information. Please create a support request to troubleshoot the issue.

    0
    Comment actions Permalink

Please sign in to leave a comment.

Have more questions? Submit a request